User can unlock file locked by other user in shared folders

[susnux]

Scenario:
User A creates a shared directory.
User B creates a file in that directory and locks the file
User A tries to unlock that file.

What happens:
The file gets unlocked without errors.

What should happen / is expected:
The file stays locked and the server returns 403. Because the lock is owned by user B.

Why does this happen
The initial test if the owner of the lock and the current user are the same, fails ✔️

files_lock/lib/Service/LockService.php

Line 244 in 7b1827a

if ($isSameOwner && $isSameType) {

But then the next check allows to unlock, because the file is created inside the shared directory it is owned implicitly by the sharing user, and we allow file owners always to unlock:

files_lock/lib/Service/LockService.php

Line 248 in 7b1827a

if ($request->getType() === ILock::TYPE_USER && $request->getNode()->getOwner()->getUID() === $this->userId) {

---

I am not sure if this is a feature or a bug. So probably two solutions here:

1. Allow configure whether file owners are allowed to always unlock
2. Document that file owners always can unlock their files and note that files in shared folders are always owned by the folder owner.

[Rello]

was introduced here
#140

[camlafit]

hello

We have some trouble I thinks related as explained at #170 (comment)